From: Sascha Hauer <sha@pengutronix.de>
To: Neeraj Pal <neerajpal09@gmail.com>
Cc: barebox@lists.infradead.org
Subject: Re: [BUG] Stack buffer overflow WRITE of size 1 in nfs_start function
Date: Tue, 11 May 2021 10:58:45 +0200 [thread overview]
Message-ID: <20210511085845.GG19819@pengutronix.de> (raw)
In-Reply-To: <CANi4_RWKvQV68RaZLNBFTJP1z3vObuZYo-HRqfU6r4rL8ZxKoQ@mail.gmail.com>
On Mon, May 10, 2021 at 04:38:51PM +0530, Neeraj Pal wrote:
> Hi Sascha,
>
> Thank you for the patches.
>
> I have confirmed it and observed no crashes as reported earlier but I
> think there is a small typo in the nfs_start() function in
> net/nfs.c#L677.
>
> 672 static int nfs_start(char *p)
> 673 {
> 674 debug("%s\n", __func__);
> 675
> 676 nfs_path = strdup(p);
> 677 if (nfs_path)
> 678 return -ENOMEM;
> 679
>
> In line 677, if strdup is successful then it is returning ENOMEM so I
> think there is a typo, it is supposed to check for NULL so it would be
> if (!nfs_path) or if (nfs_path == NULL) then it should return ENOMEM.
>
> Please confirm and also sending a small patch.
Ok, so my patch doesn't resolve the whole issue. I just tried the nfs
command once after a long time now and this really seems to be broken
in other ways as well. I tend to entirely remove the command instead
of further trying to fix it. The normal way to handle nfs should be
to use the NFS filesystem implementation anyway which would be
mount -t nfs $server:/path/to/share /foo
I don't think we have the manpower to maintain two NFS implementations,
so we shouldn't try to.
Sascha
--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
next prev parent reply other threads:[~2021-05-11 12:27 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-17 18:52 Neeraj Pal
2021-05-07 8:41 ` Sascha Hauer
2021-05-10 11:08 ` Neeraj Pal
2021-05-10 13:18 ` Neeraj Pal
2021-05-11 8:58 ` Sascha Hauer [this message]
2021-05-11 18:06 ` Neeraj Pal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210511085845.GG19819@pengutronix.de \
--to=sha@pengutronix.de \
--cc=barebox@lists.infradead.org \
--cc=neerajpal09@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox